A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.
Use HTTP/2 instead (clear boundaries between requests)
Disable reuse of backend connections eg.
http-reuse never
in HAProxy or whatever equivalent LB settings